>> Another would be to encrypt using multiple keys for each recipient. This
>> could help with the multiple device problem. The set of keys used could
>> include a key for a filter if desired.
>
> I came to the exact opposite conclusion, that the decryption key needs to be
> shared across every device and with no predetermined expiry.
>
> You have no idea which of the devices I use that I might read your email on. I
> have 2 desktops, 2 iphones, one iPad and 3 laptops in regular use. And that is
> just the ones that I consider essential.
>
> The set of devices changes at least once a year. The MacBook typically lasts
> about 6 months between visits to Apple customer service.

Sure, but you know what keys are on each device and could publish those accordingly. You also know the key of your filter. If the sender encrypted to your set of keys (instead of single key as is current practice), there are a couple of potential advantages.

>
> There is no security advantage to having mail sent to me encrypted under a
> different key per device. There is however an advantage to having mail signed
> under a different key per device and not sharing those across devices.

No security advantage, but a usability advantage.
